CVE-2026-2680
CVE-2026-2680 describes a Reflected XSS in the A3factura web platform, affecting the endpoint a3factura-app.wolterskluwer.es/#/incomes/salesDeliveryNotes with the vulnerable parameter customerVATNumber . The issue could allow an attacker to execute arbitrary code in a victim’s browser. The CVSSv4...